﻿using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Web.Http;
using Newtonsoft.Json;
using RestSemitaService.Models;

namespace RestSemitaService.Controllers
{
    public class LoginController : ApiController
    {
        // GET api/login
        public string Get()
        {
            return "please insert username and password";
        }

        // GET api/login?username=semita&password=123
        public string Get(string username, string password)
        {
            try
            {
                SqlConnection thisConnection = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["connectionString"].ConnectionString);
                //SqlConnection thisConnection1 = new SqlConnection(System.Configuration.AppSettingsReader.GetValue("connectionString"));
                thisConnection.Open();
                SqlCommand thisCommand = thisConnection.CreateCommand();
                thisCommand.CommandText = "select username, password from tb_user where username = @username";
                thisCommand.Parameters.AddWithValue("@username", username);
                using (SqlDataReader reader = thisCommand.ExecuteReader())
                {
                    while (reader.Read())
                    {
                        string _user = reader["username"].ToString();
                        string _password = reader["password"].ToString();
                        if (_user.Equals(username) && _password.Equals(password))
                        {
                            reader.Close();
                            thisConnection.Close();
                            return "true";
                        }
                        else
                        {
                            reader.Close();
                            thisConnection.Close();
                            return "false";
                        }
                    }
                }
            }
            catch (SqlException e)
            {
                Console.WriteLine(e.StackTrace + "\n" + e.Message);
            }
            return "false";
            //results = new List<User>()
            //    {
            //        new User { Username = "semita", Password= "123"},
            //    }
        }

        // POST api/login
        //public string Post([FromBody]string username, [FromBody]string password)
        public string Post([FromBody]string data)
        {
            //whole:
            var userJson = JsonConvert.DeserializeObject<User>(data.ToString());

            //or 
            //var c1 = JsonConvert.DeserializeObject<ComplexObject1>(data.c1.ToString());

            //var c2 = JsonConvert.DeserializeObject<ComplexObject2>(data.c2.ToString());
            User userObj;
            if (string.IsNullOrEmpty(data.ToString()))
            {
                userObj = new User();
            }
            else
            {
                userObj = userJson;
            }
            try
            {
                SqlConnection thisConnection = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["connectionString"].ConnectionString);
                //SqlConnection thisConnection1 = new SqlConnection(System.Configuration.AppSettingsReader.GetValue("connectionString"));
                thisConnection.Open();
                SqlCommand thisCommand = thisConnection.CreateCommand();
                thisCommand.CommandText = "select username, password from tb_user where username = @username";
                thisCommand.Parameters.AddWithValue("@username", userObj.Username);
                using (SqlDataReader reader = thisCommand.ExecuteReader())
                {
                    while (reader.Read())
                    {
                        string _user = reader["username"].ToString();
                        string _password = reader["password"].ToString();
                        if (_user.Equals(userObj.Username) && _password.Equals(userObj.Password))
                        {
                            reader.Close();
                            thisConnection.Close();
                            return "true";
                        }
                        else
                        {
                            reader.Close();
                            thisConnection.Close();
                            return "false";
                        }
                    }
                }
            }
            catch (SqlException e)
            {
                Console.WriteLine(e.StackTrace + "\n" + e.Message);
            }
            return "false";
        }
        // DTO or ViewModel? Potato or potato, IMO.
        public class PersonDTO
        {
            public string FirstName { get; set; }
            public string LastName { get; set; }
        }

        //public string Post(PersonDTO Person)
        //{
        //    return Person.FirstName + " " + Person.LastName;
        //}

        // PUT api/login/5
        public void Put(int id, [FromBody]string value)
        {
        }

        // DELETE api/login/5
        public void Delete(int id)
        {
        }
    }

}
